In an office building or other enterprise establishment, personnel may be assigned to offices with each office having an associated telephone. The office telephones are typically connected to a private branch exchange (PBX) or other exchange or call processing infrastructure. A PBX is a private telephone network that allows each office telephone to have its own telephone extension, typically a three, four or five digit telephone number where station-to-station (i.e., office-to-office) calls can be placed by dialing the three, four or five digit extension. A direct inward dial (DID) telephone number is also typically associated with each office telephone that allows calls initiated outside of the PBX to be placed directly to the office telephone.
Typically, calls made within an enterprise between office telephones are generally considered to be secure. These particular telephony devices are generally coupled to each other within a wired network, which is usually established within a single building or that spans several buildings in close proximity, for example. Certain physical safeguards may be implemented to prevent unauthorized access to the wired network, and accordingly, calls between office telephones are generally considered to take place within a trusted domain. In cases where an enterprise uses wireless networks such as WiFi, as part of its network, physical safeguards such as shielding and wireless range control can also be used to hinder unauthorized access.
In contrast, communications that involve external devices that connect to an enterprise's network from the outside, such as mobile device communications (e.g. cellular telephone communications) established through a mobile carrier's cellular towers, or communications established through a local phone company's network or a Wide Area Network (WAN) such as the Internet, are generally not considered secure, as they typically take place over networks outside an enterprise's control where communications may be more easily intercepted by third parties. Accordingly, many organizations and institutions have instituted policies that govern what information employees should and should not communicate by voice when using an external device, due to internal and regulatory restrictions.
Greater security when using external devices for voice communications may be desirable. In one known system, each of a plurality of external devices may be provided with a client application comprising an encryption module. At one external device, the encryption module is configured to encrypt outgoing voice communication data originating from that external device for transmission to another of the plurality of external devices also equipped with the encryption module. At the other external device, the encryption module is configured to decrypt incoming encrypted voice communication data. Encryption and decryption of voice communication data for transmission in the reverse direction is typically also performed. This system facilitates more secure voice communications between the external devices.